[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

how to block my lan to surf adult site?

Posted on 2004-10-28
7
Medium Priority
?
1,199 Views
Last Modified: 2012-08-13
i have a linux router...in my linux router...i have snort, firewall script...my second nic is connected to switch and then from switch to my LAN...so i want if on of the client in LAN typing something at webbrowser such as XXX...so the page will be replace with a page that i create my own self...is that possible?
0
Comment
Question by:operation1612
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 6

Expert Comment

by:blkline
ID: 12434365
What you want to do is install a proxy.  Check out "squid" at

http://www.squid-cache.org
0
 

Author Comment

by:operation1612
ID: 12436090
you mean install a proxy in my gateway?...that mean i will have to open port for proxy?...
0
 

Author Comment

by:operation1612
ID: 12436250
at least i dont want any another port to be open in my linux router...unless there is no other choice...thanks
0
Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

 
LVL 6

Expert Comment

by:blkline
ID: 12436902
Squid is a proxy that you can install in the same box.  What you can do is intercept http requests coming from the inside network, look at what is being requested and then reply appropriately.  

There doesn't have to be any additional ports open from the outside to accomplish this (or the inside either, for that matter).
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 12443368
install squid (or whatever proxy you like), then use iptables to redirect any outbound traffic to squid, ready.
0
 

Accepted Solution

by:
aimhigh earned 200 total points
ID: 12448384
I run DansGuardian on top of Squid as a content filter system like so:

user -> dansguardian:3128  -> (good) squid:80 -> Internet
                      |
                      V
                   (bad) blocked page that I crafted from the available template

Follow that up with iptables to block direct connect and use the squidguard ruleset that very easily integrates with DansGuardian and you have a pretty darn good content filter system.

Alternatively, you can leave the squid off (i.e. no caching) and simply just use dansguardian as a filter.
0
 

Expert Comment

by:Peeyush_Maurya
ID: 12667414
dansguradian is definetaly good but sometimes it slow down the internet speed...

use squid and its ACL
go through this link and u can block any site to some and allow some... through this u can do anything u want in a proxy server ..... squid alone is very powerfull...
http://www.linux-faqs.com/Forum/viewtopic.php?t=28
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello EE, Today we will learn how to send all your network traffic through Tor which is useful to get around censorship and being tracked all together to a certain degree. This article assumes you will be using Linux, have a minimal knowledge of …
Fine Tune your automatic Updates for Ubuntu / Debian
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question